Add dynamic registration endpoint

[jblemee]

Hello,

I've re done the work done by wayward710

JB

[juanifioren]

Nice work @jblemee ! we need tests for it. Ex, Registering valid and invalid data.

[jblemee]

I've added some tests, 91% coverage, hope it's enough

[jblemee]

Please wait before merging I missed something important

[jblemee]

Done, I let you review the new commit

[sylvainlb]

Hello there! I'm interested in this also, would it be possible to include it in a new release?

[balessan]

Interested too. Any idea when it could be available ?

[matthieu-fesselier]

Same here, very interested by this!

[juanifioren]

I'm working on documentation for this + resolving conflicts... should be ready for next version

[alexdutton]

I'm playing with this as I'm eager to use it. So far

• The setting to enable it has a name ending _ENABLED, when similar settings end _ENABLE
• The URL for RegisterView should probably end /?$ to match the others (i.e. the / is optional)
• curl http://localhost:8000/register/ -XPOST (i.e. no body), causes a 500, when it should probably return a 415 Unsupported Media Type if there isn't a Content-Type: application/json request header, and 400 Bad Request if the request body isn't JSON-parseable.
• curl http://localhost:8000/register/ -XPOST -d'{}' puts the error details in the WWW-Authenticate header, when the spec says they should be in a JSON response body
• It'd be great if we could customise client creation, particularly as it's now possible to have a swappable client model
• Is the openid scope the right one to control whether a client can register a new client?
• redirect_uris is returned as a string, instead of an array
• client_secret_expires_at is returned as a string ("0") instead of an integer
• There's no validation of the interplay between application_type and redirect_uris (see https://openid.net/specs/openid-connect-registration-1_0.html#ClientMetadata)

Let me know if I can help to get this in, including addressing the above!